CVE: ag-grid needs bump to at least 32.0.1 #1360

Open
curtdept opened this issue Jul 12, 2024 · 4 comments
Labels
enhancement Adding a new feature or improving existing code

Comments

curtdept commented Jul 12, 2024

Our security scanners are picking up a new moderate level CVE in ag-grid versions below 32.0.1

Details here: GHSA-328p-362g-r48j

@tishoyanchev
Contributor

@verena-ifx

Author

curtdept commented Sep 4, 2024

@verena-ifx @tishoyanchev we have any update on this? A second CVE has been opened now as well
GHSA-876p-c77m-x2hc

@tishoyanchev
Contributor

> @verena-ifx @tishoyanchev we have any update on this? A second CVE has been opened now as well GHSA-876p-c77m-x2hc

Hi, we will get back to you as soon as we can!

@tishoyanchev
Contributor

@curtdept
Hi, we will update the ag-grid version some time next year, but it is not a priority at the moment, because the new version contains a large amount of breaking changes, which will take a significant effort to adjust, and we are a bit short of resources at the moment, and have other higher priority tasks.
